Privacy Policy

What information we collect and what it is used for (purpose)

The purpose of the processing of this data will be solely to provide you with the information or services you request.

The personal data that may be collected through this website will be processed for the purposes set out below:

  • Contact form. The data you provide us through the “contact” forms on this website will be processed in order to answer the questions you ask us through this form.
  • From the moment you register as a user on this website we have access to: User name and email, IP address, postal address, DNI/CIF and non-sensitive payment data. In any case Rapid MST&D S.L reserves the right to modify, at any time and without prior notice, but informing, both the presentation and configuration of “Our website” as this legal notice.
  • Payment processing services: Through “Our website”, you can access through links to third party websites, to make payments for services provided by Rapid MST&D S.L. At no time our staff has access to bank details (eg credit card number) that you provide to such third parties. These third parties may include:

Web and hosting: “Our website” has SSL TLS v.1.2 encryption that allows the secure sending of personal data through standard contact forms, hosted on servers contracted to SiteGround Spain S.L.

Data collected through the web: The personal data collected will be subject to automated processing and incorporated into the corresponding files owned by Rapid MST&D S.L.

  • Your IP, which will be used to check the origin of the message in order to provide you with information, protection against SPAM comments and to detect possible irregularities as well as data relating to your ISP.
  • Also, you can provide your data through email and other means that we indicate in the contact section and other forms on “Our website”.

Data Retention

Disaggregated data: Disaggregated data will be kept without a deletion period.

Data of customers of the online store: The period of retention of personal data will vary depending on the service you hire in “Our website”. In any case, it will be the minimum necessary, being able to be kept up to:

  • 4 years: Law on Infractions and Penalties in the Social Order (obligations regarding affiliation, registrations, cancellations, contributions, payment of salaries…); Arts. 66 and following General Tax Law (accounting books…)
  • 5 years: Art. 1964 Civil Code (personal actions without special term)
  • 6 years: Art. 30 Code of Commerce (accounting books, invoices…)
  • 10 years: Art. 25 Prevention of Money Laundering and Terrorism Financing Law..

Data of subscribers to the e-mail feed: From the time the user subscribes until the user unsubscribes.

Data of subscribers to the newsletter: From the time the user subscribes until the user unsubscribes.

User data uploaded by Rapid MST&D S.L to pages and profiles on social networks: From the time the user gives his consent until he withdraws it.

Data secrecy and security

Rapid MST&D S.L undertakes in the use of the data, to respect their confidentiality and to use them in accordance with the purpose of the same, as well as to comply with its obligation to save them and adapt all measures to prevent alteration, loss, treatment or unauthorized access, in accordance with the provisions of Royal Decree 1720/2007 of December 21, which approves the Regulation of development of the Organic Law 15/1999 of December 13, Protection of Personal Data. You guarantee that the personal data provided through the form are truthful, being obliged to communicate any changes to them.

Likewise, you guarantee that all the information provided corresponds to your real situation, that it is up to date and accurate. You are solely responsible for the accuracy or falsity of the data provided and the damages that may be caused by it to Rapid MST&D S.L as owner of or third parties on the occasion of the use of such data.

Security Breaches

“Our website” adopts adequate security measures to detect the existence of viruses, brute force attacks and malicious code injections.

However, you should be aware that the security measures of computer systems on the Internet are not infallible and therefore Rapid MST&D S.L can not guarantee the absence of viruses or other elements that may cause alterations in computer systems (software and hardware) of the user or their electronic documents and files contained therein.

In spite of it and to try to guarantee the security and privacy of your personal data, we have an active system of monitoring of security that informs of every activity of the users and possible breaches in the security of the users’ data. If any breach is detected, we are committed to inform users within 72 hours.

Legitimacy of data processing

We can process your data because you give us your consent by checking the acceptance check box of this privacy policy and in accordance with the purposes indicated above. We ask you that the information you provide must be truthful because when providing personal data you guarantee the authenticity of such data to avoid any damage to Rapid MST&D S.L for providing false or third party data.

Recipients of the data

The personal data obtained through “Our website” will be transferred to:

Data protection rights

How to exercise your rights: You can make a written communication to the registered office of Rapid MST&D S.L or to the email address, including in any case a photocopy of your ID card or other document that identifies you, to request the exercise of the following rights:

  • Right to request access to personal data: you can ask us if we are processing your personal data.
  • Right to request its rectification in case it is incorrect.
  • Right to request the limitation of their treatment, in which case we will only keep them for the exercise or defense of claims.
  • Right to oppose the treatment: Rapid MST&D S.L will stop processing the data in the manner you indicate, unless for compelling legitimate reasons, tax obligations, the exercise or defense of possible claims must continue to be treated.
  • Right to data portability: in case you want your data to be processed by another data controller, we will facilitate the portability of your data to the new data controller.
  • Right to erasure of data: unless required by law, your data will be erased after your request and confirmation.

Models, forms and more information about your rights: Official website of the Spanish Data Protection Agency.

Possibility of withdrawing consent: in the event that you have given consent for a specific purpose, you have the right to withdraw it at any time, without affecting the lawfulness of the processing based on the consent prior to its withdrawal.

How to complain to the Control Authority: If you consider that there is a problem with the way we are handling your data, you can address your complaints to the Security Officer indicated above or to the corresponding data protection authority, being the Spanish Data Protection Agency, the competent entity in the case of Spain.

Content embedded from other websites

Our web site may include embedded content such as videos, images, articles, etc.

Content embedded from other websites behaves in the same way as if the visitor has visited the other website. These sites may collect data about you, use cookies, embed third party tracking, and monitor your interaction with the embedded content, including tracking your interaction with the embedded content if you have an account or are logged in to that site.


From this Site there may be links to third party websites. In such cases, we are not responsible for the privacy policies that such third parties may have regarding the personal information they collect. We recommend that you read the privacy policies of such sites.

Mobile Communication

Rapid MST&D S.L. (“Rapid”, “Rapid Group”, “we” or “us” or “our” ) is committed to protecting the privacy and security of your personally identifying information. We have prepared this Privacy Policy to explain how we collect, use, protect, and disclose your Personal Information (as defined below), usage data and message data when you use our marketing website located at (the “Site”), as well as when you use the Rapid Service which includes the Rapid Group mobile app, Rapid web interface, Rapid Outlook plug-in, Rapid APIs, Rapid administrator tools and other products and services provided on the website (all of the foregoing, collectively, the “Service”). By using the Service you consent to this Privacy Policy.

By visiting the Site or using the Service, you accept the policies and practices described in this Policy, as such Policy may be amended from time to time. Each time you visit the Site or use the Service, you agree and expressly consent to our collection, use and disclosure of the information that you provide as described in this Policy. In any case, and with respect to any Google Account information, we will only use that information to access your Google Account when, and for the limited purposes for which, you have given us permission to do so.

To be clear about the terminology we are using, when we use the phrase “Personal Information” in this Policy, we mean information about you that is personally identifiable, like your name, address, e-mail address, billing information, or phone number, as well as other non-public information that is associated with this personal information. When we use the phrase “Anonymous Information” in this Policy, we mean information that is not personally identifiable, or linked to your Personal Information such as aggregated information, general demographic information and IP addresses. Anonymous Information does not necessarily enable identification of individual persons.

1. Collection and Use of Information

When you register for the Rapid Group Site and Service (web interface, outlook plug-in, Whatsapp, APIs and administration tools), we collect information that personally identifies you, such as your full name, mobile telephone number, e-mail address and other information that you provide to us or that you include in any Rapid profile or account (“Personal Information”). We also collect your contact lists and/or address book data that will be stored on our servers and will only be used to:
(a) notify you about important appointment details with Rapid Group,
(b) to allow you to communicate with other us, we might share your contact information with other users.

In addition, we utilize a function that uses this data to synchronise your contact across your multiple devices.

When you send or receive messages using WhatsApp or text, as part of message delivery process, we temporarily process and store your messages, logging information, the recipients your contact data and other message related information. Note that we may share your Personal Information (e.g., name, e-mail address, telephone number) with other message recipients. Such sharing is done for message authentication and identity sharing with message recipients.

After message is processed, and transmitted, we strive to delete message data. However we do not guarantee that all message data will be completely deleted and therefore any message data that you send is sent at your own risk. If your setting is configured to keep message data, we may keep it for display and management when you access our Service through the different components of the Service.

We may also sync contact and application information with our server, to verify your ability to chat with other users of the application, the security level or other application settings.

The copy of your address book (names and phones) is stored on a live database. Data that is deleted from your mobile device and/or the Service may still be stored in our servers for regulatory compliance or audit purposes. Data may have a “historical backup” which can be deleted at any time upon request by the user. Please note that only administrators can request and implement data deletion for company accounts.

Your phone number, which will be verified via a text message that will be sent to you, will be used for identification purposes as your Rapid username.

Rapid Group may interact with your phone’s SMS inbox, placing incoming messages in your inbox or reading the contents of the activation SMS sent to you by Rapid.

If you choose to sync Rapid Group with your SMS/MMS messages, Rapid Group may also access other SMS/MMS information for encryption or server archiving purposes. We may even delete messages from your regular SMS/MMS message store.

Other Usage Data
We collect other usage data regarding how you access and use our Services, like the type of device you are using, and a device identifier, type of web browser, operating system, IP address used for access, ISP used for access, pages you viewed, duration of using our products, crash logs, and other information related to the use of our Services. We use this information to analyze trends. manage and administer the Service, troubleshoot problems, and to plan future enhancements and Service updates.

Archived Mobile Communication
In case you are using the Rapid Group Enterprise Number Archiver, only messages and calls done via our app may be monitored and archived – however, Rapid Group will not monitor nor upload any user information done over the phone’s native texting app or the phone native dialer.

In case you are using the Rapid Group WhatsApp chat, it can monitor all texts, chats and calls done using the WhatsApp Number monitored by Rapid Group – Rapid Group will not monitor nor upload any user information done over other chat and messaging apps. However note that WhatsApp might be getting additional data from your mobile device.

We will not link any Personal Information, including e-mail addresses, with aggregate data of our users.

Any or all of these activities with regard to Site usage information may be performed on our behalf by our service providers, including, for example, our analytics vendor(s) and our e-mail management partner(s).

We will never (and will not allow any third party to) use the statistical analytics tool to track or to collect any Personal Information of visitors or users. Google will not associate your IP address with any other data held by Google. Neither we nor Google will link, or seek to link, an IP address with the identity of a device user. We will not associate any data gathered from this site with any Personally Identifiable Information from any source, unless you explicitly submit that information via a fill-in form on our website.

If you do not want your information to be part of this statistical information gathering, you can disable Google Analytics using the application settings; visit the ‘More’ screen, tap settings, then disable Google Analytics Collect Data option.

Log Management
We may store log information for debugging or regulatory and compliances purposes.

2. Sharing and Disclosure of Information

We do not rent, sell, or share any information about the user with any third-parties, except as specifically described herein. We may disclose your Personal Information if we believe such action is necessary to:
(a) comply with the law, or legal process served on us;
(b) protect and defend our rights or property (including the enforcement of our agreements); or
(c) act in urgent circumstances to protect the personal safety of users of our Service or members of the public.

In order to provide you with Rapid Group products you have requested, Rapid Group may sometimes, if necessary, share your Personal Information (excluding your address book and related information) and traffic data with trusted partner service providers and/or agents, for example: banking organizations or other providers of payment and analytical services, customer support, or hosting services. Rapid Group will always require these third parties to take appropriate organizational and technical measures to protect your personal data and traffic data and to observe the relevant legislation. Rapid Group will never share your address book information with any third party, except as may be required by law (see below).

Third party companies, such as mobile providers, are used in order to send you an authentication SMS when you register with Rapid Group and for any message that is designated as an SMS/MMS message. In order to send you the SMS/MMS, we share with these third party companies your phone number and/or email address when delivering email messages.

We may disclose information about you if we determine that for national security, law enforcement, or other issues of public importance that disclosure of information is necessary.

We may from time to time ask you to provide information about your experiences which will be used to measure and improve quality. You are at no time under any obligation to provide any of such data. Any and all information which is voluntarily submitted in feedback forms on the Site or any survey that you accept to take part in is used for the purposes of reviewing this feedback and improving the Rapid Group software, products and websites.

We may contact you to send you messages about faults and service issues. Furthermore, we reserve the right to use email, the Rapid Group software or SMS to notify you of any eventual claims related to your use of our software, websites and/or products, including without limitation claims of violation of third party rights.

We may send you alerts via the Rapid Group software to notify you when someone has tried to contact you. We may also use the Rapid Group software to keep you up to date with news about our software and products that you have purchased and/or to inform you about other Rapid Group products and related information.

Website owner

  • Company name: Rapid MST&D S.L
  • CIF: B16686784
  • Registered address: Avenida Ricardo Soriano, 72, Portal B, 1st floor, 29601 Marbella Malaga, Andalucia, España
  • Activity: Diagnostic tests
  • E-mail:
  • Rapid MST&D S.L pages: (hereinafter “Our website”).
  • Purpose of the website: Medical diagnostic tests

Data Controller (data controller)

Rapid MST&D S.L, contact email:

Social networks

  • Presence in networks: We have profiles in some of the main social networks on the Internet.
  • Purpose and legitimacy: The treatment that we will carry out with the data within each of the referred networks will be, at most, the one that the social network allows to the corporate profiles. Thus, we will be able to inform, when the law does not prohibit it, its followers by any means that the social network allows about its activities, presentations, offers, as well as provide personalized customer service.
  • Data extraction: In no case will we extract data from social networks, unless the user’s consent to do so was obtained punctually and expressly.
  • Rights: When, due to the very nature of social networks, the effective exercise of the follower’s data protection rights is subject to the modification of the follower’s personal profile, we will be able to advise you to the best of our ability.

Commitments and obligations to our users

The access and/or use of “Our website” attributes to the user the condition of user, accepting, from this moment, fully the present legal notice.

In the use of “Our website” the user agrees not to carry out any conduct that could damage the image, interests and rights of Rapid MST&D S.L or third parties or that could damage, disable or overload “Our website”.

Validity and modification of this data protection policy

This privacy policy is effective as of 29-04-2021. Rapid MST&D S.L reserves the right to modify its privacy policy in the event that there is a change in current legislation, jurisprudential doctrine or business criteria. If any change is introduced in this policy the new text will be published in this same address.

Informed Consent Data Protection; Testing

Pursuant to GDPR (EU) 2016/679, Spain’s Data Protection Act LOPDGDD 3/2018 and the Patient Autonomy (Regulation) Act 41/2002, we notify you that your personal, identifying and health data will be added to a file owned by Rapid MST&D S.L. and will only be used for the stated purpose:

– All the information you provide us or which we obtain is needed to provide the service and will be processed completely confidentially. All the laboratory’s partners, doctors and staff are required to maintain due secrecy about such data.

FOR WHAT PURPOSE DO WE PROCESS YOUR DATA? Rapid MST&D S.L, will process the information provided by our patients in order to manage their demographic and health data, conduct clinical analyses, for statistical and scientific services (after anonymisation) and billing and contact with the patient for information about our lab partners facilities and services.

HOW LONG DO WE RETAIN YOUR DATA FOR? The personal data provided will be retained only as long as the contractual relationship is maintained and the data subject does not ask to erase them or during the period of legal obligation.

WHAT IS THE LAWFUL BASIS FOR PROCESSING YOUR DATA? Consent of the data subject and/or contractual relationship.

WHICH RECIPIENTS WILL YOUR DATA BE RELEASED TO? Your data will not be disclosed to third parties without your prior consent.

WHAT ARE YOUR RIGHTS WHEN YOU PROVIDE US WITH YOUR DATA? Anyone has the right to obtain confirmation about whether or not Rapid MST&D S.L is processing personal data that concerns them. Data subjects have the right to access their personal data, request rectification of inaccurate data or, where applicable, ask us to erase them when among other reasons the data are no longer needed for the purposes for which they were gathered. In certain circumstances the data party can ask us to restrict our processing of their data, in which case we will only retain them for the purpose of exercising or defending legal claims.

In certain circumstances data subjects may object, on grounds related to their particular situation, to processing of their personal data. Rapid MST&D S.L will then no longer process the personal data save on compelling legitimate grounds or for the exercise or defence of legal claims.

HOW HAVE WE OBTAINED YOUR DATA? We have obtained the data from the data subject or their authorised legal representative. I have read and accept the terms of service and processing of my data in the manner indicated above.